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Abstracts — The Network Packet Flow is analyzed and 
defined by the network administers in the company to 
assure the exact data flow in the networked systems. 
Currently, in the world the data flow is unreliable in the 
internet because of unreliability of the internet. So in My 
research 1 dully answered to identify and asses the network 
administrator can record the ingress and egress of the 
packet flow-in and flow-out in the routers respectively. 
Therefore the network environment is reliable, identified 
and assessed by using the network simulators called packet 
tracer and the protocol of NETFLOW protocol 
implementation in this research works. 
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I. INTRODUCTION 

In the computer network environments there is unsecured 
network is familiar in the world. Therefore, it’s most often 
refers to a free temporary LAN users, Wi-Fi (wireless) 
network, like at a coffeehouse, retail store. It means there's 
no special login or screening process to get on the network, 
which means you and anyone else can use it. So that it 
means to you is that there's no guarantee of security while 
you use that network not secured). 

So, if a hacker or false network users were nearby and felt 
like doing dirty deeds online on that unsecure network, 
there's very little that can stop him. Most of the time as we 
have faced in different organization we've all used free Wi¬ 
Fi by Laptop other smart phones, we all accessed our 
systems as temporarily and others in different environments 
like Cafe, Airport, Mall, city centers, public library, and 
even if inside rails. In these bad environments there is 
packet flows in and out of source and destinations i.e. the 
packet flow, is run through the IP process to segment the 
stream into a consistent packet data structure, which is 
easily routed through network paths. In generally the 


network packets is nothing but it’s the data which flows 
from the sender to receivers. 

Packets enable resilient network designs by creating 
uniform, stateless, independent data chunks. Packet 
networking has been the preferred method for networking 
for the last 20 years (but it’s not only one). The use of 
packets remains a sound technical concept for abstracting 
the forwarding path from the payload. Focus on the 
network, don’t be concerned about the data. 

But consider common use cases for the network. The user 
wants to see a Web page load smoothly and quickly. The 
Web developer wants the Web browser to request an image, 
an HTML file or a script file from the Web server and load 
rapidly. For a sys admin, the OS opens a socket to manage a 
connection to a remote system and to stream data through it. 
These use cases are all about flows of data, but the network 
supports the delivery as a series of packets. 

And consider the hosts at either end of the connection. In 
the past, servers were always located on a single port of a 
switch. Clients were located at a specific WAN connection 
or on a specific switch in the campus LAN. Packets 
ingressed(incoming) and egressed(outgoing)the network at 
known locations and the ports. 

Packet assessing and identifying is based on the following 
basic requirements of A network flow is identified as a 
unidirectional stream of packets between a given source and 
destination—both are defined by a network-layer IP address 
and by transport-layer source and destination port numbers. 
Specifically, a flow is identified as the combination of the 
following key fields are basics to identify the packets, to 
identify who sends to whom, on which times and other 
statistics of the network flows in detail. 

■C Source IP address 
■S Destination IP address 
■S Source port number 
■C Destination port number 
■C Layer 3 protocol type 
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■S Type of service (ToS) 

■f Input logical interface 

To identifying assessing the packets which are either 
ingressed or egressed we have used the algorithms and tools 


in our research, called NetFlow protocols and Packet tracer 
respectively. 

So the Netflow protocols architectures in diagrammatic ally 
mentioned in Figl. In Below. Which shows about the 
packet flows and the environments of the networks. 


Internet 


Remote 
Site ft2 


Remote 
Site ttl 


Netflow 

Exporter 


Netflow 

Collector 


Anolysis 

Console 


LAN 



Fig.l: Architectural Design ofNetFlow Protocol Implementations. [7] 


As Fig 1. Shows the network administrator monitor and can 
assess each and every packets from the entire networks of 
the organization which are flowed in or ingress and flowed 
out or egress data for 24/7 services. 

n. +METHODOLOGY 

To gather each and every statistics of the network packet in 
our research we used free and open source software called 
Cisco Packet tracer which is Versions 6.1 as the simulators, 
as it mentioned in our experimental results in Fig.2 in 
below. The protocols that we have implemented in the 
research work is called NetFlow Protocol which is used to 


captures data from ingress (incoming) and egress (outgoing) 
packets. NetFlow gathers statistics of each packet sent and 
received at what times from which remotes sites. The 
following ingress IP packets identified by protocol: 

IP-to-IP packets 

IP-to-Multiprotocol Label Switching (MPLS) packets 
Frame Relay-terminated packets 
ATM-terminated packets 

As it mentioned, in the Fig 2. The protocols which identifies 
data incoming and outgoing from the router by Fast 
Ethernet port (FEO or FEO). The statistics of the overflow is 
captured in the memory of router called DRAM. 
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And also: NetFlow captures data for all egress (outgoing) 
packets through the use of the following features: 

Egress NetFlow Accounting:-NetFlow gathers statistics for 
all egress packets for IP traffic only. 

NetFlow MPFS Egress:-NetFlow gathers statistics for all 
egress MPFS-to-IP packets. 

In Netflows statistics the network administrator can assess, 
identify and answers all WH questions like 
•S From where the packets sent? 

■S To which system/ remote? 

•S To whom it sent? 

•S By what time interval? 

■7 How many sizes of packets? 

•S How it sent like protocol? 

III. RESULTS AND EXPERIMENTAL WORKS 

In this study we have used the Packet tracer version 6.1. 
For the experimental simulation of how the NetFlow 


protocol is implemented in the real networks and how it’s 
used to monitor and manage the organizational network to 
create secured network environments. 

So, we have done the following steps in our works: 

Step 01: Designing the network by using Packet tracer: for 
this study we have used one router with Fa0/0, DHCP 
server. Switch, PCs with 24 ports and straight through 
cables to connect the devices, and also Laptop computer 
with Console cables to configure the Protocols and network. 
Step 02: Configuring the networks by using cisco 
commands [In this research we have configured the DHCP 
server and PCs, RouterFa 0/0 with IP Address 192.168.1.1, 
255.255.255.0] 

Steps 03:Sending messages from one devices to another 
[we sent from Pc to PC, Router - PCs..etc] 

Step 04: Monitoring the networks by using the Network 
statistics 
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Fig.3: Simple Network Designs and NetFlow Protocol Implementations. 


Network Configuration 

Router Configurations: without username and password 
configuring router interface fa 0/0, ip address and enabling the interface 
Continue with configuration dialog? [yes/no]: n 
Press RETURN to get started! 

Router>enable 
Router#conf t 

Enter configuration commands, one per line. End with CNTL/Z. 

Router(config)#interface fa0/0 

Router(config-if)#ip address 192.168.1.10 255.255.255.0 
Router(config-if)#no shut 

%LINK-5-CHANGED: Interface FastEthernetO/O, changed state to up 
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernetO/O, changed state to up 
Router(config-if)#exit 
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Router(config)#exit 

Router# 

%SYS-5-CONFIG_I: Configured from console by console 
Configuring The NETFLOW protocol 
Router#conf t 

Enter configuration commands, one per line. End with CNTL/Z. 

Router(config)#interface faO/O 

Router(config-if)#ip flow ingress 

Router(config-if)#ip flow egress 

Router(config-if)#exit 

Router(config)#ip flow dest 

Router(config)#ip flow-export destination 1.0.0.255 2055 
Router(config)#ip flow version 9 
Router(config)#ip flow-export source fa0/0 
Router(config)#exit 

%SYS-5-CONFIG_I: Configured from console by console 
Router#showip cache flow 

Fig.4: Captured Statistics of the packet flow. 
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IP packer size distribution (2 total packets): 


1-32 

64 

96 

128 

160 

192 

224 

256 

288 

320 

352 

384 

416 

448 

480 

1.00 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

512 

544 

576 

1024 

1536 

2048 

2560 

3072 

3584 

4096 

4608 





.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 

.000 






IP Flow Switching Cache, 278544 bytes 
1 active, 4095 inactive, 1 added 
€ ager polls, 0 flow alloc failures 
Active flows timeout in 30 minutes 
Inactive flows timeout in 15 seconds 
IP Sub Flow Cache, 34056 bytes 

0 active, 1024 inactive, 0 added, 0 added to flow 
0 alloc failures, 0 force free 
1 chunk, 1 chunk added 
last clearing of statistics never 

Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec) 

- Flows /Sec /Flow /Pkt /Sec /Flow /Flow 

Total: 0 0.0 0 0 0.0 0.0 0.0 


Srclf 

Fa0/0 


SrcIPaddress Dstlf 
192.168.1.5 Local 


DstIPaddress Pr SrcP DstP Pkts 
192.168.1.10 01 0000 0000 2 


IV. DISCUSSION 

Although flow-based analysis solutions are great, there are 
some areas where packet capture and analysis is still 
needed. Packet analysis is normally associated with SPAN 
or mirror ports, which are available on most managed 
network switches. “Port mirroring is used on a network 


switch to send a copy of network packets seen on one 
switch port (or an entire VLAN) to a network monitoring 
connection on another switch port’’ [2], Port mirroring on a 
Cisco Systems switch is generally referred to as Switched 
Port Analyser (SPAN) ; some other vendors have other 
names for it, such as Roving Analysis Port (RAP) on 3Com 
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switches. Deep packet inspection (DPI) applies to 
technologies that use packets as a data source and then 
extract metadata such as application or website names. In 
contrast, flow data in most cases does not provide any 
information about what is contained within packet payloads. 
This network flow based analysis is working on the 
NetFlow v9 and Internet Protocol Flow Information Export 
(IPFIX) are available on some Cisco Integrated Services 
Routers (ISRs) and Cisco ASR 1000 Series Aggregation 
Services Routers (ASRIks) with Next Generation Network 
based Application Recognition (NBAR2) enabled.[1,3,6]. 


[4] Eric D.Kolayzak(2014), Statistical Analysis of 
Network Data, Dept of Mathematics and Statistics, 
Boston University, ppt(l-50). 
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operation. Visibility into the network is anvital tool for IT 
professionals. In short, new requirements and pressures, 
network operators are finding it critical to understand how 
the network is behaving including: [4,5,8] 

V Application and network usage 

V Network productivity and utilization of network 
resources 

V The impact of changes to the network 

V Network anomaly and security vulnerabilities 

V Long term compliance issues 

5. Conclusion: The NetFlow protocol is vital in unsecured 
networks environments which are used to monitor the 
traffic or packets flows, traffic analysis, security monitor, 
devices reporting and overall statistics of the networks. 
Therefore in this study we dully covered the protocol uses 
and services like we have designed the networks, we have 
configured the NetFlow protocol in the supportive router by 
using packet tracer simulator, we have seen the packet 
passing inside the devices and lastly by using the 
commands the results of network packet flow statistics is 
displayed. Generally the network admin should have 
implemented this protocol in any organizations to secure 
and monitor the entire network of organizations. 
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